The point here is that the photographer is not necessarily trusted.
You can already sign a JPEG with your GPG key; that won’t convince anyone that it wasn’t actually photoshopped or outright generated by AI.
The point here is to have a more trusted hardware vendor vouch for their camera not being easy to trick into signing arbitrary data, but only actual images it took itself.
Of course that also puts a lot of pressure on the key generation, storage and processing mechanism of that vendor; trusted computing in this scenario (i.e. the adversary has unrestricted and persistent access to the system) isn’t easy to get right.